Research Archives

Cloudflare headquarters in San Francisco. (Getty Images)

Attackers are using your network against you, according to Cloudflare

Blind spots in complex cloud environments allow identity-based attacks to achieve the same outcome as complex malware or zero-day exploits. Sophistication need not apply.

Mar 4, 2026 By Matt Kapko

The Apple logo appears on a mobile phone screen in this photo illustration in Brussels, Belgium, on Feb. 26, 2026. (Photo by Jonathan Raa/NurPhoto)

Possible U.S.-developed exploits linked to first known ‘mass’ iOS attack

Researchers traced the kit moving from a spyware vendor’s customer to Russian hackers to Chinese cybercriminals.

Mar 3, 2026 By Tim Starks

Creeping plant growing on a brick wall. (Getty Images)

Vulnerabilities grew like weeds in 2025, but only 1% were weaponized in attacks

Too many defenders and researchers are paying attention to defects and unsubstantiated exploit concepts that aren’t worth their time, VulnCheck’s Caitlin Condon said.

Feb 25, 2026 By Matt Kapko

A photo taken on March 31, 2023 in Manta, near Turin, shows a computer screen with the home page of the artificial intelligence OpenAI web site, displaying its chatGPT robot. (Photo by Marco BERTORELLO / AFP) (Photo by MARCO BERTORELLO/AFP via Getty Images)

Chinese group’s ChatGPT use reveals worldwide harassment campaign against critics

OpenAI said a Chinese law enforcement agency uploaded reports to ChatGPT that details a worldwide digital operation to track and silence regime critics at home and abroad.

Feb 25, 2026 By Derek B. Johnson

CrowdStrike says attackers are moving through networks in under 30 minutes

The average time from intrusion to network movement in 2025 was 29 minutes, a 65% increase in speed from the year prior.

Feb 24, 2026 By Matt Kapko

Chinese hackers exploited a Dell zero-day for 18 months before anyone noticed

Google researchers said Chinese attackers have been exploiting a zero-day since mid-2024, and they’ve moved on to a more advanced version of Brickstorm malware called Grimbolt.

Feb 17, 2026 By Matt Kapko

Unit 42: Nearly two-thirds of breaches now start with identity abuse

Palo Alto Network’s incident response firm said identity-based attacks are exploding as poor security controls stretch across a widening mosaic of integrated tools and systems.

Feb 17, 2026 By Matt Kapko

Wind turbines are seen on a wind farm on a field between agricultural produce in a countryside in a village near Radom, Poland on May 19, 2025. (Photo by Dominika Zarzycka/NurPhoto)

After major Poland energy grid cyberattack, CISA issues warning to U.S. audience

The Cybersecurity and Infrastructure Security Agency said the attack highlighted threats from vulnerable edge devices to operational technology and industrial control systems.

Feb 10, 2026 By Tim Starks

Members of the Peoples Liberation Army band leave after the closing session of the Chinese People’s Political Consultative Conference, or CPPCC, at the Great Hall of the People on March 10, 2025 in Beijing. (Photo by Kevin Frayer/Getty Images)

China-based espionage group compromised Notepad++ for six months

The Chinese APT group Lotus Blossom intruded the tool’s internal systems to snoop on a limited set of users’ activities, according to researchers.

Feb 2, 2026 By Matt Kapko

North Korea Worker's Party Monument — The North Korea Worker’s Party Monument in Pyongyang. (Getty Images)

Long-running North Korea threat group splits into 3 distinct operations

The trio, which share lineage with the more broadly defined Lazarus Group, are focused on espionage and cryptocurrency theft, according to CrowdStrike.

Jan 29, 2026 By Matt Kapko